Suggested Splunk forwarder settings for Brooks RPM Elite 6.1

2 posts / 0 new
Last post
blueguero
Suggested Splunk forwarder settings for Brooks RPM Elite 6.1

1) For  version 6.1 we plan to ship the following to Splunk:

Windows Event logs

C:\Program Files\Brooks Internet Software\RPM\Events*.csv

C:\Program Files\Brooks Internet Software\RPM\license.csv

C:\Program Files\Brooks Internet Software\RPM\rpmsrv*.log

C:\Program Files\Brooks Internet Software\RPM\report.txt

2) ports.txt is still available in RPM Elite 6.1

3) Splunk is a log aggregator.   It's not suitable for exporting databases.   We can look at backing up events.db file via a script if Brooks support thinks it's worthwhile.   We plan on backing up rpm.fdb on a daily basis.

Comments?

Thanks, Sergio